# Exploit Title: WordPress Plugin ReDi Restaurant Reservation 21.0307 - 'Comment' Stored Cross-Site Scripting (XSS)# Date: 2021-05-10# Exploit Author: Bastijn Ouwendijk# Vendor Homepage: https://reservationdiary.eu/# Software Link: https://wordpress.org/plugins/redi-restaurant-reservation/# Version: 21.0307 and earlier# Tested on: Windows 10# CVE : CVE-2021-24299# Proof: https://bastijnouwendijk.com/cve-2021-24299/
Steps to exploit this vulnerability:1. Go to the page where [redirestaurant]is embed to make a restaurant reservation by filling in the requested information
2. In the 'Comment' field of the restaurant reservation form put the payload: `<script>alert("XSS")</script>`
3. Submit the form
4. While being logged into WordPress as administrator go to ReDi Reservations > Upcoming (Tablet PC)5. Click on 'View upcoming reservations'6. Select for'Show reservations for':'This week'7. The reservations are loaded and two alerts are shown with text 'XSS'
